Re: LYNX-DEV Lynx and secure channel, is that a reality?

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV Lynx and secure channel, is that a reality?

From:	tzeruch
Subject:	Re: LYNX-DEV Lynx and secure channel, is that a reality?
Date:	Thu, 11 Sep 1997 13:51:00 -0400

On Tue, 2 Sep 1997, Victor Tsaran wrote:

Sorry for the delay - I did the most recent SSL development on Lynx
related to proxies.

> Dear Lynx developers!
> 
> I am designing a website which is supposed to accept credit and visa card
> as well as other information that should be sent via secure channel. The
> obstacle appeared when I started to test things under Lynx text browser.
> I found that Vanila version of Lynx, which by default, is compiled on most
> Internet machines, doesn't suport https protocol. So the idea of having
> all the ISPs to recompile their Lynx browsers seems rather fantastic and
> unreal.
> Is there any way that I can have text-oriented users submit their secure
> information through Lynx?
> 
> I would ver much appreciate your answer or advice.
> Best regards,
> Victor

You do need SSL.  The easiest method is with the SSLeay library and a
proxy - the ISP would need to compile SSLeay (and there are restrictions
and licensing terms).

http://www.psy.uq.edu.au:8080/~ftp/Crypto/

One note is that the proxy works with almost anything, so it would not be
just for Lynx.

I have four flavors of proxy, s_client, supersimple, advanced, and swiss
army knife.

For legal reasons, I only send my code to people who tell me they are US
citizens (or canadians), and that they will not violate any licensing or
export laws.  SSLeay is from austrailia and you can import it for free
(but read the RSAref usage restriction or the "is this legal" section of
the FAQ) and contains the actual crypto.

My code is freely redistributable, and any ISP is welcome to it - from me
on the above basis - it adds the proxy to SSL layer.

Also note that telnet and similar sessions would *not* be protected,
although it would be harder to tap the PPP to ISP link than just looking
for things closer to the NAPs.  Security isn't just having SSL somewhere
in the system - you need to secure the whole path.

;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;

[Prev in Thread]

Current Thread

[Next in Thread]

LYNX-DEV Lynx and secure channel, is that a reality?, Victor Tsaran, 1997/09/02
- Re: LYNX-DEV Lynx and secure channel, is that a reality?, Larry W. Virden, x2487, 1997/09/03
- Re: LYNX-DEV Lynx and secure channel, is that a reality?, David Woolley, 1997/09/04
- Re: LYNX-DEV Lynx and secure channel, is that a reality?, tzeruch <=
- Re: LYNX-DEV Lynx and secure channel, is that a reality?, Jim Dennis, 1997/09/03

Prev by Date: Re: LYNX-DEV Getting started with Lynx
Next by Date: Re: LYNX-DEV source size, source reorganization
Previous by thread: Re: LYNX-DEV Lynx and secure channel, is that a reality?
Next by thread: Re: LYNX-DEV Lynx and secure channel, is that a reality?
Index(es):
- Date
- Thread